Letters from HRSDC do little to allay worries of those whose medical information and Social Insurance Numbers were misplaced.

The loss of highly sensitive personal information held by a federal government department has ignited concern and frustration among those affected by the blunder.

After an employee with the Human Resources and Skills Development Canada (HRSDC) misplaced an electronic storage device containing the personal information of about 5,000 Canadians, the department sent letters to affected people informing them of the mishap.

But the correspondence, which includes steps the affected people can take to further protect their personal information, did little to allay the worries of one Norfolk County woman, who said she was left in “confusion” and “disbelief.”

Signed by Mary Pichette, director general of HRSDC’s Canada Pension Plan Disability Directorate, the letter she received on Friday indicated that the “types of information” contained on the USB stick included Social Insurance Number, medical condition, birth date, occupation and the presence of other payers, such as workers’ compensation.

“When you sign a privacy release for a government institution to receive information from your doctor, you sign that expecting that is kept confidential, and it’s not,” the woman said. “How many people could use that information that’s out there?”

She said she submitted her information to HRSDC upon filing for a disability pension.

She said the incident has amplified the stress she is already facing as a result of her medical conditions and ongoing struggle to secure disability benefits.

“You think you’re just getting to the end of the road and then you get this big pile of whatever dropped on you,” said the woman, who has struggled to make ends meet since she left her job as an office manager five years ago. She requested anonymity for fear of jeopardizing her claim, which she has been pursuing since 2008.

According to Anne-Marie Hayden, spokeswoman for the federal privacy commissioner, the office has received about 90 calls from affected individuals since HRSDC reported the breach on Dec. 21.

In a couple of cases, affected individuals have “taken that extra step” and filed an official complaint with the privacy commissioner, she said.

The office is working with the department to resolve the matter, but has yet to determine whether it will launch a formal investigation into the incident, she said.

HRSDC did not immediately respond to a request for comment.

In her letter, Pichette apologized to affected individuals for what she described as a “very unfortunate incident.”

“While we view the risk of your information having been released as low, we will monitor your Social Insurance Number record and notify you immediately of any concern,” she said.

To “ensure the continued safety” of personal information, the department listed a number of measures that affected individuals “may wish to consider,” including contacting their local banks, reporting irregularities in mail delivery and monitoring their credit ratings.

More on thestar.com

We value respectful and thoughtful discussion. Readers are encouraged to flag comments that fail to meet the standards outlined in our
Community Code of Conduct.
For further information, including our legal guidelines, please see our full website
Terms and Conditions.